Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

ASA 5505 LAN-to-WAN site-to-site VPN

Hi

I need to set up a site-to-site VPN on ASA 5505 (ASA version 8.4) on a private IP address range to a third party who have are using internet routable IP addresses for the remote LAN.

E.g. in the Protected Networks settings

Local Network: 192.168.1.0/24

Remote Network: 1.1.1.0/24

Is this possible?

Thanks

Julian

Everyone's tags (3)
1 ACCEPTED SOLUTION

Accepted Solutions

ASA 5505 LAN-to-WAN site-to-site VPN

Yes, it is possible, use in the interesting traffic identifier ACL (i.e crypto ACL) the remote destination address is public address instead of a private address and your VPN remote peer's address is naturally public address if it goes over public-cloud. You may have an ACL on the inside interface, control (local LAN) access to remote tunnel end.

This setup is much similar to vpn tunning to banks over public-cloud.

Thanks

Rizwan Rafeek.

2 REPLIES

ASA 5505 LAN-to-WAN site-to-site VPN

Yes, it is possible, use in the interesting traffic identifier ACL (i.e crypto ACL) the remote destination address is public address instead of a private address and your VPN remote peer's address is naturally public address if it goes over public-cloud. You may have an ACL on the inside interface, control (local LAN) access to remote tunnel end.

This setup is much similar to vpn tunning to banks over public-cloud.

Thanks

Rizwan Rafeek.

Community Member

ASA 5505 LAN-to-WAN site-to-site VPN

Thanks

This prompted me to double-check my configuration and I found the remote network was set up incorrectly (I hadn't been given the correct information at the time).

798
Views
0
Helpful
2
Replies
CreatePlease to create content